Skip to main content
All CollectionsAPI
How to Integrate Your VaultOne Platform With SIEM
How to Integrate Your VaultOne Platform With SIEM
Updated over 3 months ago

First you will need an API token. You can generate one in the following directory:

Administration -> API Tokens -> Create API Token

NOTICE: You can only visualize the generated token once, remember to save it.

When calling the GetAlertsLog API:

  1. Select API KEY under AUTH TYPE

  2. Enter the access key generated previously.

The required fields for the API call are:


StartDate
EndDate

Some notes:

  • The sending interval must be of one day.

  • The API sends alerts in the CEF format.

  • The alerts configured by default are:

    • More than 5 credentials seen in less than 1, 2, or 3 minutes.

    • Login from outside the country.

    • User tried to logged in excessively.

    • User logged in outside of business hours.

Found what you were looking for? If in doubt, send us an email! [email protected]

Did this answer your question?